Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/VpkQ2h5OQbdjiUHl7dKIGfR5i3k.roa
File:                     VpkQ2h5OQbdjiUHl7dKIGfR5i3k.roa (raw, json)
Hash identifier:          NuQIa7oxjxF1iIV6DMbT7zniqqmUz/2i8dN4wz4PJ2A=
Subject key identifier:   56:99:10:DA:1E:4E:41:B7:63:89:41:E5:ED:D2:88:19:F4:79:8B:79
Certificate issuer:       /CN=68bd10f1b14bbb2767ffdcaec4b4172880ba461a
Certificate serial:       0192FD4A5A983A4B49AB989F1C46D761C829
Authority key identifier: 68:BD:10:F1:B1:4B:BB:27:67:FF:DC:AE:C4:B4:17:28:80:BA:46:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aL0Q8bFLuydn_9yuxLQXKIC6Rho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/VpkQ2h5OQbdjiUHl7dKIGfR5i3k.roa
Signing time:             Tue 05 Nov 2024 17:06:01 +0000
ROA not before:           Tue 05 Nov 2024 17:06:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204300
IP address blocks:        193.107.40.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/aL0Q8bFLuydn_9yuxLQXKIC6Rho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/aL0Q8bFLuydn_9yuxLQXKIC6Rho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aL0Q8bFLuydn_9yuxLQXKIC6Rho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:fd:4a:5a:98:3a:4b:49:ab:98:9f:1c:46:d7:61:c8:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68bd10f1b14bbb2767ffdcaec4b4172880ba461a
        Validity
            Not Before: Nov  5 17:06:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=569910da1e4e41b7638941e5edd28819f4798b79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:70:23:de:fe:8b:92:d4:41:d0:bf:8c:cf:8d:
                    1e:b6:09:ca:e5:ca:6a:44:22:f3:4a:0a:c9:ef:8d:
                    e9:77:c2:46:7b:04:be:1f:8a:de:d9:30:0f:0c:86:
                    52:60:b2:9c:d2:6a:c7:d5:ef:d9:a1:ba:6d:4b:9c:
                    54:87:2b:6b:37:b8:a1:5c:d2:12:7d:f0:9b:39:7a:
                    1b:8c:c2:37:b3:39:37:5d:08:57:ae:3a:a2:dd:47:
                    42:08:ab:9b:3c:b2:be:fb:18:1e:4c:2d:8c:40:3a:
                    b2:8f:29:ce:43:a4:f4:13:c9:77:2b:ef:5f:b0:d5:
                    66:25:7c:e7:01:39:0a:8f:f2:5d:3e:74:51:67:fa:
                    8f:d8:6f:68:9e:08:b1:57:c4:dd:e5:d6:82:93:cb:
                    96:c9:7e:bf:e7:cd:db:6d:13:6a:0a:71:bd:da:57:
                    f5:0b:00:8a:76:cb:51:d8:2b:4b:8c:c3:ea:84:20:
                    91:8b:59:d1:09:04:47:0b:ec:f1:af:94:3e:49:85:
                    85:67:48:53:2b:55:e6:64:86:57:23:c2:6d:a6:a6:
                    5b:f3:86:ee:3c:02:6b:bb:8a:0d:80:e7:46:fd:2f:
                    40:70:74:c7:68:ab:43:65:65:ca:f2:79:2b:ab:08:
                    ef:a9:43:24:0f:2a:ef:84:c0:21:85:6b:94:bf:c5:
                    9b:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:99:10:DA:1E:4E:41:B7:63:89:41:E5:ED:D2:88:19:F4:79:8B:79
            X509v3 Authority Key Identifier:
                keyid:68:BD:10:F1:B1:4B:BB:27:67:FF:DC:AE:C4:B4:17:28:80:BA:46:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aL0Q8bFLuydn_9yuxLQXKIC6Rho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/VpkQ2h5OQbdjiUHl7dKIGfR5i3k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ade856-8960-4a29-8956-9fe7d928d9be/1/aL0Q8bFLuydn_9yuxLQXKIC6Rho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         15:cb:2b:67:39:20:b0:6c:8e:cb:9e:73:aa:55:eb:f1:4c:12:
         2c:f8:94:8e:c2:de:b7:c0:13:9f:2b:cf:3b:bb:1c:bd:0a:f3:
         a8:ac:6e:91:0b:f8:9c:a1:61:e7:45:48:b8:34:9c:dd:6f:76:
         24:f9:bb:c1:5c:8c:77:f9:90:84:b2:10:58:b8:1b:b5:9f:27:
         a0:33:f9:95:fd:36:11:03:59:ea:22:3b:80:78:03:08:72:30:
         41:36:20:f7:37:17:21:a7:0f:6e:90:fa:b7:7d:a8:0b:ca:aa:
         bb:da:5f:9a:ff:e0:2c:da:f6:a8:e4:6f:4a:0f:bf:53:96:52:
         f4:50:23:9f:29:b3:29:26:e2:c8:e1:95:e7:84:2d:28:2b:8b:
         43:d4:13:0c:58:97:0b:bc:3f:75:f5:39:55:9e:12:25:40:3b:
         59:ce:43:3b:6f:6a:98:98:0b:a8:20:5c:e4:58:e6:60:3c:b3:
         c6:44:c2:d4:5c:ac:4f:cd:8e:c8:2b:f1:4f:e2:05:e4:ec:8d:
         bd:4f:95:fe:07:95:a0:43:c7:6b:39:72:23:b9:57:c9:35:87:
         25:24:45:ae:16:f4:7a:99:c6:5e:c0:8a:be:0b:92:13:9b:93:
         80:bb:70:d4:66:71:56:47:12:09:22:98:c5:5a:13:83:72:b9:
         22:e9:69:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL9SlqYOktJq5ifHEbXYcgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YmQxMGYxYjE0YmJiMjc2N2ZmZGNhZWM0YjQxNzI4ODBi
YTQ2MWEwHhcNMjQxMTA1MTcwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njk5MTBkYTFlNGU0MWI3NjM4OTQxZTVlZGQyODgxOWY0Nzk4Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+XAj3v6LktRB0L+Mz40etgnK5cpq
RCLzSgrJ743pd8JGewS+H4re2TAPDIZSYLKc0mrH1e/ZobptS5xUhytrN7ihXNIS
ffCbOXobjMI3szk3XQhXrjqi3UdCCKubPLK++xgeTC2MQDqyjynOQ6T0E8l3K+9f
sNVmJXznATkKj/JdPnRRZ/qP2G9ongixV8Td5daCk8uWyX6/583bbRNqCnG92lf1
CwCKdstR2CtLjMPqhCCRi1nRCQRHC+zxr5Q+SYWFZ0hTK1XmZIZXI8JtpqZb84bu
PAJru4oNgOdG/S9AcHTHaKtDZWXK8nkrqwjvqUMkDyrvhMAhhWuUv8Wb6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFaZENoeTkG3Y4lB5e3SiBn0eYt5MB8GA1UdIwQY
MBaAFGi9EPGxS7snZ//crsS0FyiAukYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUwwUThiRkx1eWRuXzl5dXhMUVhLSUM2UmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hZGU4NTYtODk2MC00YTI5LTg5NTYt
OWZlN2Q5MjhkOWJlLzEvVnBrUTJoNU9RYmRqaVVIbDdkS0lHZlI1aTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hZGU4NTYtODk2MC00YTI5LTg5NTYtOWZlN2Q5MjhkOWJl
LzEvYUwwUThiRkx1eWRuXzl5dXhMUVhLSUM2UmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWsoMA0G
CSqGSIb3DQEBCwUAA4IBAQAVyytnOSCwbI7LnnOqVevxTBIs+JSOwt63wBOfK887
uxy9CvOorG6RC/icoWHnRUi4NJzdb3Yk+bvBXIx3+ZCEshBYuBu1nyegM/mV/TYR
A1nqIjuAeAMIcjBBNiD3Nxchpw9ukPq3fagLyqq72l+a/+As2vao5G9KD79TllL0
UCOfKbMpJuLI4ZXnhC0oK4tD1BMMWJcLvD919TlVnhIlQDtZzkM7b2qYmAuoIFzk
WOZgPLPGRMLUXKxPzY7IK/FP4gXk7I29T5X+B5WgQ8drOXIjuVfJNYclJEWuFvR6
mcZewIq+C5ITm5OAu3DUZnFWRxIJIpjFWhODcrki6Wnd
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:44:23 2024 by rpki-client on console-ams.rpki-client.org